Get a taste for all ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments. Join the sharpest minds in security as they dig into challenges and opportunities that create a recipe for success in making software more secure. Each episode is packed with valuable insight designed to foster collaboration and promote stronger security practices for the open source software on which we all depend.
Host
Christopher “CRob” Robinson
Christopher Robinson (aka CRob) is a 43rd level Dungeon Master and a 26th level Securityologist. He is a leader within several Open Source Security Foundation (OpenSSF) efforts and is a frequent speaker on cyber, application, and open source security. He enjoys hats, herding cats, and moonlit walks on the beach.
Episodes
What’s in the SOSS? Podcast #21 – Alpha-Omega’s Michael Winser and Catalyzing Sustainable Improvements in Open Source Security
In this episode, CRob talks to Michael Winser, Technical Strategist for Alpha-Omega, an associated project of the OpenSSF that works with open source software project maintainers to systematically find new, as-yet-undiscovered…
What’s in the SOSS? Podcast #20 – Jack Cable of CISA and Zach Steindler of GitHub Dig Into Package Repository Security
CRob discusses package repository security with two people who know a lot about the topic. Zach Steindler is a principal engineer at GitHub, a member of the OpenSSF TAC and…
What’s in the SOSS? Podcast #19 – Red Hat’s Rodrigo Freire and the Impact of High-Profile Security Incidents
In this episode, CRob talks to Rodrigo Freire, Red Hat's chief architect. They discuss high-profile incidents and vulnerability management in the open source community. Rodrigo has a distinguished track record…
What’s in the SOSS? Podcast #18 – Canonical’s Stephanie Domas and Security Insight from a Self-Described “Tinkerer”
In this episode, CRob talks to Stephanie Domas, CISO at Canonical, the creators of the popular operating system Ubuntu. Having started her career with over 10 years of ethical hacking,…
What’s in the SOSS? Podcast #17 – Intel’s Katherine Druckman and the Impact of Developer Relations
In this episode, CRob discusses the finer points of developer relations (DevRel) with Katherine Druckman, Open Source Evangelist at Intel and co-chair of the OpenSSF Marketing Advisory Council and DevRel…
What’s in the SOSS? Podcast #16 – Dell’s Sarah Evans and Lisa Bradley and Ensuring Secure Open Source Software at the Enterprise Level
In this episode, CRob sits down with Sarah Evans, security research technologist at Dell and Lisa Bradley, senior director of product and application security at Dell. They dig into the…
What’s in the SOSS? Podcast #15 – Bidding Adieu to Omkhar Arasaratnam
In this episode, CRob chats with Omkhar Arasaratnam, who has served as the general manager of the OpenSSF and was co-host of What’s in the SOSS? As Omkhar moves on…
What’s in the SOSS? Podcast #14 – CoSAI, OpenSSF and the Interesting Intersection of Secure AI and Open Source
Omkhar is joined by Dave LaBianca, security engineering director at Google, Mihai Maruseac, member of the Google Open Source Security Team, and Jay White, security principal program manager at Microsoft.…
What’s in the SOSS? Podcast #13 – GitHub’s Mike Hanley and Transforming the “Dept. of No” Into the Dept. of “Yes And…”
In this episode, Omkhar chats with Mike Hanley, Chief Security Officer and SVP of Engineering at GitHub. Prior to GitHub, Mike was the Vice President of Security at Duo Security,…
What’s in the SOSS? Podcast #12 – CISA’s Aeva Black and the Public Sector View of Open Source Security
In this episode, Omkhar Arasaratnam visits with Aeva Black, who currently serves as the Section Chief for Open Source Security at CISA, and is an open source hacker and international…
What’s in the SOSS? Podcast #11 – Google’s Andrew Pollock and Addressing Open Source Vulnerabilities
Andrew Pollock is a Senior Software Engineer at Google, currently working on https://osv.dev. With a background as an Enterprise Security Engineer, he has extensive experience in large-scale Linux Systems Administration…
What’s in the SOSS? Podcast #10 – Rust Foundation’s Bec Rumbul and Succeeding as a “Non-Techie” in a Tech-Heavy Industry
Bec Rumbul is the Executive Director and CEO of the Rust Foundation, a global non-profit stewarding the Rust language, supporting maintainers, and ensuring that Rust is safe, secure, and sustainable…
What’s in the SOSS? Podcast #9 – Sonatype’s Brian Fox and the Perplexing Phenomenon of Downloading Known Vulnerabilities
Brian Fox is Co-founder and Chief Technology Officer at Sonatype, bringing over 28 years of hands-on experience driving software development for organizations of all sizes, from startups to large enterprises.…
What’s in the SOSS? Podcast #8 – Intel’s Arun Gupta and Giving Back to Security Communities
Arun Gupta is vice president and general manager of Open Ecosystem Initiatives at Intel Corporation and the OpenSSF Governing Board Chair. Arun has been an open source strategist, advocate, and…
What’s in the SOSS? Podcast #7 – Stacklok’s Adolfo García Veytia Digs Into SBOMs and VEX
The world of software bill of materials (SBOMs) is both complex and fascinating. And few people know the SBOM community better than Adolfo García Veytia — aka Puerco — Staff…
What’s in the SOSS? Podcast #6 – A Man Called CRob: Introducing the Newest Co-host of What’s in the SOSS?
Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. He also serves as the OpenSSF’s Technical Advisory Committee (TAC) Chair. And soon,…
What’s in the SOSS? Podcast #5 – OpenAI’s Matt Knight and Exploring the Intersection of AI and Open Source Security
Matt Knight is Head of Security at OpenAI, where he builds IT, privacy and security programs. His teams also collaborate on security research with teams across OpenAI and with the…
What’s in the SOSS? Podcast #4 – Eric Brewer and the Future of Open Source Security
In this episode, Omkhar talks to Eric Brewer, professor emeritus of computer science at the University of California, Berkeley and vice president of infrastructure at Google. He’s also on the…
What’s in the SOSS? Podcast #3 – Mark Russinovich and AI’s Impact on Software Engineering and Open Source Software Security
In this episode, Omkhar talks to Mark Russinovich, CTO of Microsoft Azure. Mark oversees the technical strategy and architecture of Microsoft’s cloud computing platform. Mark is also on the Governing…
What’s in the SOSS? Podcast #2 – Christoph Kern and the Challenge of Keeping Google Secure
In this episode, Omkhar talks to Christoph Kern, Principal Software Engineer in Google’s Information Security Engineering organization. Christoph helps to keep Google’s products secure and users safe. His main focus…